The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome prior to 42.0.2311.90, allows remote malicious users to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
canonical ubuntu linux 14.10 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 15.04 |
||
debian debian linux 8.0 |